|
|
Line 1: |
Line 1: |
| {{released|2019-12-03|1.1.8}}{{TOCright}} | | {{released|2019-12-03|1.1.8}}{{TOCright}} |
|
| |
|
| This release fixes several important security issues and should be installed by all installations. It also includes miscellaneous other changes received during 2019. | | This release encountered an error in the release process. Use version [[Release Notes/1.1.9.1|1.1.9.1]] instead. |
| | |
| == Prerequisites for Upgrade ==
| |
| === Upgrades of Other Software ===
| |
| * AWL 0.60 is recommended for use with this version (as with version 1.1.8)
| |
| | |
| == Changes ==
| |
| | |
| === Bug Fixes ===
| |
| * Corrects reflected cross-site scripting (XSS) vulnerability
| |
| * Corrects persistent XSS vulnerability in user/group/resource details
| |
| * Corrects persistent XSS vulnerability in user/group/resource list
| |
| * Adds token to address cross-site request forgery (CSRF) vulnerability
| |
| * Corrects syntax error in name of collection_id
| |
| * Make calquery aware of default timezone
| |
| * Corrections to range-based calendar queries
| |
| * Add missing 'break' to rrule.php
| |
| | |
| === Other Changes ===
| |
| * Updated PHP version requirement
| |
| | |
| == Downloading DAViCal ==
| |
| | |
| DAViCal 1.1.9: [https://www.davical.org/downloads/davical_1.1.9.orig.tar.xz https://www.davical.org/downloads/davical_1.1.9.orig.tar.xz]
| |
| | |
| AWL 0.60: [https://www.davical.org/downloads/awl_0.60.orig.tar.xz https://www.davical.org/downloads/awl_0.60.orig.tar.xz]
| |
| | |
| See [[Downloading]]
| |
| | |
| == Known Issues ==
| |
| === Subsequently Fixed in Git ===
| |
| * None
| |
| | |
| === Outstanding ===
| |
| * None known.
| |
Latest revision as of 01:48, 4 December 2019